Privacy Policy

Effective Date: November 23, 2024

I am committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how I collect, use, and safeguard your data to deliver exceptional services and a seamless experience when you interact with my services, including payments made via Stripe.

By using my services, you agree to the practices described in this policy.

1. Information I Collect

I may collect the following types of personal information:

  • Contact Information: Name, email address, and mailing address.

  • Payment Information: Payments are processed securely by Stripe, and I do not have access to your full credit or debit card details. I may see limited information, such as the last four digits of your card number, for reference purposes.

  • Project and Business Information: Details about your project, preferences, and business needs to provide the best possible service.

  • Technical Information: IP address, browser type, and other technical information collected automatically when you visit my website, communicate with me, or complete a payment through Stripe. This information is gathered for security and fraud prevention purposes.

2. How I Use Your Information

I use the collected information for the following purposes:

  • Service Delivery: To provide and manage my game development services, including communication regarding project progress and deliverables.

  • Billing and Payments: To process payments securely via Stripe, issue invoices, and manage transactions.

  • Customer Support: To respond to your inquiries, provide technical assistance, and improve customer service.

  • Legal and Regulatory Compliance: To comply with legal obligations, prevent fraud, and protect the security of my services.

3. Legal Reasons for Using Your Data

Under the General Data Protection Regulation (GDPR), I process your personal information based on the following legal grounds:

  • Contractual Necessity: I process your personal data to fulfill my contract with you, including providing game development services and handling payments.

  • Consent: Where I ask for your explicit consent (e.g., for marketing communications), I process your data based on this consent, which can be withdrawn at any time.

  • Legal Obligations: I may process your data to comply with legal requirements, such as tax and accounting obligations.

  • Legitimate Interests: I process your personal data to pursue legitimate interests, such as improving my services and securing my website, provided that these interests do not override your privacy rights.

4. Sharing Your Information

I do not sell or rent your personal information to third parties. However, I may share your information in the following circumstances:

  • Payment Processing: I share payment details with Stripe, my secure payment processor, to handle transactions. Stripe's use of your information is governed by their own privacy policy, which can be found here.

  • Service Providers: I may share your data with trusted third-party service providers who assist in delivering my services (e.g., hosting providers, email services).

  • Legal Compliance: If required by law or to protect my legal rights, I may disclose your information to law enforcement or regulatory authorities.

5. Data Transfers Outside the EU/EEA

If I transfer your personal data to service providers or partners outside the European Economic Area (EEA), I ensure that your data is adequately protected. This includes ensuring that:

  • The recipient country has been recognized by the European Commission as providing an adequate level of data protection.

  • Legally approved agreements for data protection are in place to protect your data.

  • Other appropriate safeguards, such as binding corporate rules, are implemented.

I primarily use Stripe for payment processing, which may involve transferring data to the United States. Stripe complies with GDPR requirements through mechanisms such as legally approved agreements for data protection and other recognized safeguards.

6. Stripe’s Role

Payments are processed securely through Stripe, a trusted payment platform that ensures your transactions are safe. Stripe is certified as PCI DSS (Payment Card Industry Data Security Standard) compliant, meaning your payment information is handled using industry-leading encryption and security protocols.

I do not store or have access to your full credit or debit card details; these are processed exclusively by Stripe. For transparency, I may see limited information, such as the last four digits of your card number or transaction references.

Stripe’s compliance with GDPR ensures that your data is transferred and stored securely, even when processed outside the European Economic Area (EEA). For more details, you can review Stripe's Privacy Policy.

7. Data Security

I implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, or misuse. This includes securing the systems I use to deliver services and ensuring that any third-party providers I work with meet high security standards.

Payment processing is handled securely through trusted providers, as detailed in the Stripe’s Role section. For other types of data, such as project files or communication records, I use encrypted storage and access controls to safeguard your information.

8. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request access to the personal data I hold about you.

  • Right to Rectification: You can request that I correct inaccurate or incomplete data.

  • Right to Erasure (Right to be Forgotten): You may request that I delete your personal data, provided there is no legal obligation to retain it.

  • Right to Restrict Processing: You can request that I limit the processing of your data under certain circumstances.

  • Right to Data Portability: You can ask for a copy of your data in a format that’s easy to share with another service provider.

  • Right to Object: You can object to the processing of your data, particularly for direct marketing purposes or when processing is based on legitimate interests.

  • Right to Withdraw Consent: If I rely on your consent for processing, you have the right to withdraw it at any time without affecting the lawfulness of prior processing.

  • Right to Lodge a Complaint: If you believe your rights have been violated, you can lodge a complaint with the relevant data protection authority (in Germany, this would be the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)).

To exercise any of these rights, please contact me.

9. Data Retention

I will retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including providing services to you and complying with legal, accounting, or reporting requirements.

  • Invoices and payment records will be kept for 10 years in accordance with tax and legal obligations.

  • Project-related communication and files will be kept for the duration of the project and for 3 years afterward, unless you request their deletion sooner. This retention period allows for handling any post-project support, disputes, or inquiries.

Please note that communications conducted on platforms such as Discord may be stored indefinitely unless you request their deletion. I may also retain these communications as backups to address post-project needs, support requests, or disputes, in compliance with data protection laws. If no such needs arise, I will delete these records as soon as they are no longer required

If you withdraw consent for data processing, I will delete your data unless it is required for legal obligations.

10. Cookies and Tracking Technologies

I do not use cookies or similar tracking technologies on my website. I may collect technical information, such as your IP address and browser type, through server logs. This helps improve security and user experience. If I start using cookies in the future, I will notify you with a clear cookie banner and update this Privacy Policy.

11. Third-Party Links

My website or communications may contain links to third-party websites (e.g., social media platforms, Stripe). I am not responsible for the privacy practices of these external sites. I encourage you to review the privacy policies of any third-party websites you visit.

12. Complaints

If you believe I have not complied with data protection laws, you can file a complaint with the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI) in Germany or your local data protection authority.

Contact details:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Website: https://www.bfdi.bund.de

13. Changes to This Privacy Policy

I may update this Privacy Policy from time to time. Any changes will be posted on this page, and I will notify you of significant updates via email or through my website. Please check back periodically to stay informed about how I protect your data.

14. Contact Me

If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your data rights, please contact me through the contact form available on my website.